CVE-2011-0057

high

Description

Use-after-free vulnerability in the Web Workers implementation in Mozilla Firefox before 3.5.17 and 3.6.x before 3.6.14, and SeaMonkey before 2.0.12, allows remote attackers to execute arbitrary code via vectors related to a JavaScript Worker and garbage collection.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14200

https://bugzilla.mozilla.org/show_bug.cgi?id=626631

http://www.securityfocus.com/bid/46663

http://www.mozilla.org/security/announce/2011/mfsa2011-06.html

http://www.mandriva.com/security/advisories?name=MDVSA-2011:041

http://downloads.avaya.com/css/P8/documents/100133195

Details

Source: Mitre, NVD

Published: 2011-03-02

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.02945